Privacy Policy

Last updated: May 2026

1. Who we are

Tine Casil is a small bespoke jewellery studio in London. We are the data controller for the personal information described on this page. For any privacy question, write to christine@tinecasil.com.

2. What we collect

  • Contact details you give us (name, email, phone) when you enquire or place an order.
  • Commission details (your brief, preferences, sizing, conversation history).
  • Order and payment metadata returned by Stripe (we never see card numbers).
  • Shipping addresses and tracking data provided to Shippo.
  • Newsletter subscription state, if you opt in.

3. How we use it

  • To design, quote, deliver, and aftercare your commission.
  • To meet our legal record-keeping duties (e.g. HMRC retention).
  • To answer support questions and improve how we work with customers.
  • To send the newsletter to subscribers who have opted in.

4. Where it lives

Personal data is stored in our Neon Postgres database (currently hosted in US-East). Some processing is handled by trusted suppliers: Stripe for payments, Shippo for shipping, Resend for email, and Anthropic for the chat assistant that helps Christine answer enquiries. Each only sees the minimum data needed for its role.

5. Data retention

We keep different data for different periods, depending on what it is for. The canonical schedule (which table or storage bucket holds what, for how long, and which automated job enforces the rule) is documented in our retention policy:

Read the full data-retention schedule on GitHub.

In summary:

  • Customer account: kept while the account is active; soft-deleted on request (your name, email, and phone are erased while aggregates needed for accounting remain).
  • Completed commissions: 7 years (UK financial-records requirement). Cancelled commissions are deleted on request.
  • Customer chat history: 90 days, unless you have an open commission with us.
  • Internal admin chat: 90 days; older messages are archived for up to 2 years and then deleted.
  • Data export archives (SAR downloads): 7 days from creation, single-use link.

6. Your rights

  • Access: request a copy of everything we hold about you (delivered as a one-time download link, valid for 7 days).
  • Rectification: ask us to correct anything that is wrong.
  • Erasure: ask us to delete your data. Soft-delete by default; hard-delete on explicit request. Open commissions must be closed or cancelled first.
  • Marketing opt-out: use the unsubscribe link in any newsletter, or email us to be removed.
  • Complain: the UK Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any right, email christine@tinecasil.com. We respond within the statutory one-month window.

7. Changes to this policy

When we change this policy we update the "Last updated" date above. Material changes (new data uses, new processors, shorter retention) are announced via the newsletter to opted-in subscribers.

Back to Tine Casil

Some craft starts with a biscuit. This site only uses cookies to support your consultation and checkout. No marketing, no tracking.